How To Add More Games to the NES Classic

The hype around the NES Classic in 2016 was huge, and as expected, units are already selling for excessively high prices on eBay. The console shipped with 30 games pre-installed, primarily first-party releases from Nintendo. But worry not — there’s now a way to add more games to your NES Classic!

Like many a good hack, this one spawned from a forum community. [madmonkey] posted on about their attempts to load extra games into the console. The first step is using the FEL subroutine of the Allwinner SOC’s boot ROM to dump the unit’s flash memory. From there, it’s a matter of using custom tools to inject extra game ROMs before reburning the modified image to the console. The original tool used, named hakchi, requires a Super Mario savegame placed into a particular slot to work properly, though new versions have already surfaced eliminating this requirement.

While this is only a software modification, it does come with several risks. In addition to bricking your console, virus scanners are reporting the tools as potentially dangerous. There is confusion in the community as to whether these are false positives or not. As with anything you find lurking on a forum, your mileage may vary. But if you just have to beat Battletoads for the umpteenth time, load up a VM for the install process and have at it. This Reddit thread (an expansion from the original pastebin instructions) acts as a good starting point for the brave.

Only months after release, the NES Classic is already a fertile breeding ground for hacks — last year we reported on this controller mod and how to install Linux. Video of this ROM injection hack after the break.

Continue reading “How To Add More Games to the NES Classic”

Anti-Emulation Tricks on GBA-Ported NES Games

Emulation is a difficult thing to do, particularly when you’re trying to emulate a complex platform like a game console, with little to no public documentation available. Often, you’ll have to figure things out by brute force and dumb luck, and from time to time everything will come unstuck when a random piece of software throws up an edge case that brings everything screeching to a halt.

The Classic NES series was a handful of Nintendo Entertainment System games ported to the Game Boy Advance in the early 2000s. What makes them unique is a series of deliberately obtuse programming decisions that make them operate very differently from other titles. These tricks utilize advanced knowledge of the way the Game Boy Advance hardware operates and appear to have been used to make the games difficult to copy or emulate.

The games use a variety of techniques to confuse and bamboozle — from “mirrored memory” techniques that exploit addressing anomalies, to putting executable code in video RAM and writing to the audio buffers in unusual manners.

Even more confusingly, these techniques only appear to have been used in the Classic NES series of games, and not other Game Boy Advance titles. It’s not obvious why Nintendo went to special effort to protect these ports over other titles; perhaps the techniques used were for other reasons than just an attempt at copy protection. Speculate amongst yourselves in the comments.

This isn’t the first time we’ve discussed emulation of Nintendo systems — check out this effort to reverse engineer the Sony Pocketstation.

[Thanks to [[[Codifies]]] for sending this in!]

NES Classic Edition – Controller Mod

The Nintendo Classic Mini took the world by storm this year — finally, an NES in a cute, tiny package that isn’t 3D printed and running off a Raspberry Pi! It’s resoundingly popular and the nostalgic set are loving it. But what do you do when you’re two hours deep into a hardcore Metroid session and you realize you need to reboot and reload. Get off the couch? Never!

[gyromatical] had already bought an Emio Edge gamepad for his NES Mini. A little poking around inside revealed some unused pads on the PCB. Further investigation revealed that one pad can be used to wire up a reset button, and two others can be used to create a home switch. Combine this with the turbo features already present on the Emio Edge, and you’ve got a pretty solid upgrade over the stock NES Mini pad. Oftentimes, there’s extra functionality lurking inside products that manufacturers have left inactive for the sake of saving a few dollars on switches & connectors. It’s always worth taking a look inside.

Now, back in 2006, the coolest hack was running Linux on everything — and somebody’s already trying to get Linux on the NES Mini.

Continue reading “NES Classic Edition – Controller Mod”

Learn Some Plastic Techniques With This SNES WiiMote Mod

Not all hacks have to be deeply technical. Sometimes a good show of skill is just as impressive. [lyberty5] takes two completely different hunks of plastic and somehow epoxies them into a convincing and, most impressively, reliable chimera.

While the WiiMote’s motion controls certainly caused a lot of wordy debate on the Internet when it was debuted. While everyone and their grandmother who owned a game company rushed out to copy and out-innovate it once they saw Nintendo’s hoard of dragon gold. Most game designers had other thoughts about the concept, mostly that it wouldn’t do for a platformer. So the gamer caught in the middle of it all had to rotate their grip-optimized rectangle 90 degrees and blister their thumbs on tiny buttons to play. Continue reading “Learn Some Plastic Techniques With This SNES WiiMote Mod”

A Linux Exploit That Uses 6502 Code

With ubiquitous desktop computing now several decades old, anyone creating an operating system distribution now faces a backwards compatibility problem. Each upgrade brings its own set of new features, but it must maintain compatibility with the features of the previous versions or risk alienating users. If you are a critic of Microsoft products for their bloat, this is one of the factors behind that particular issue.

As well as a problem of compatibility, this extra software overhead creates one of security. A piece of code descended from a DOS word processor of the 1980s for example was not originally created with any idea that it might one day be hiding in a library on a machine visible to the entire world by the Internet. Our subject today is a good example, just such a vulnerability hiding in an old piece of code whose purpose is to maintain an obscure piece of backward compatibility. [Chris Evans] has demonstrated a vulnerability in an Ubuntu version by playing an NES music file that contains exploit code emulated by the player on a virtual 6502 processor.

The NES Sound Format is a music file standard that packages Nintendo game music for playback. It contains a scripting language, and it is this that is used to trigger the vulnerability. When you open an NSF file on the affected Ubuntu system it finds its way via your music player and the gstreamer multimedia framework to, a gstreamer plugin for playing NSF files.

Rather unbelievably, his plugin works by emulating a real 6502 as found in a NES to derive the musical output, and it is somewhere here that the vulnerability exists. So not only do we have layer upon layer of backward compatibility to play an obscure music file format, there is also a software emulation of some 8-bit silicon from the 1970s. [Chris] comments “Is that cool or what?“, and while we agree that a 6502 emulator buried in a modern distro is cool, we can’t help thinking something’s been lost along the way.

A proof-of-concept is provided for Ubuntu 12.04. It’s an older version, but he points out that while he thinks the most recent releases should not contain exactly the same vulnerability, it certainly exists in more than one still-supported version. There’s also a worrying twist in that due to the vagaries of Ubuntu’s file manager it auto-opens when its folder is accessed from the GUI. The year 2000 called, they want their auto-opening Windows ME worms back.

Sadly we suspect the 6502 lurking in this music player can’t be put to more general-purpose use. If you manage it, please do share it with us! But if emulated 6502s are your thing, take a look at this 150MHz 6502 co-processor for an Acorn BBC Micro that someone made using a Raspberry Pi.

[via r/hacking]

6502 image, Dirk Oppelt, (CC BY-SA 3.0) via Wikimedia Commons.

Linux On Your NES Classic Edition

Nintendo look as though they may have something of a hit on their hands with their latest console offering. It’s not the next in the line of high-end consoles with immersive VR or silicon that wouldn’t have looked out of place in last year’s supercomputer, instead it’s an homage to one of their past greats. The NES Classic Edition is a reboot of the 1980s console with the familiar styling albeit a bit smaller, and 30 of the best NES games included.

You do not, however, get an original NES with a 6502 derived processor, and a stack of game cartridges. In the Classic Edition is a modern emulator, running on very modern hardware. We’re told it contains an Allwinner R16 quad-core Cortex A7 SoC, 256Mb of RAM, and 512Mb of Flash. That’s a capable system, and unsurprisingly any hacking potential it may have has attracted some interest. Reddit user [freenesclassic] for example has been investigating its potential as a Linux machine, and has put up a post showing the progress so far. It is known that there is already some form of Linux underpinning the console because Nintendo have released a set of sources as part of their compliance with the terms of the relevant open-source licences. That and the availability of a serial port via pads on the PCB gives hope that a more open distro can be installed on it.

We’re taken through the process of starting the machine up with the serial port connected to a PC, and getting it into the Allwinner FEL mode for low-level flashing work. Then we’re shown the process of loading a custom U-Boot, from which in theory a kernel of your choice can be loaded.

Of course, it’s not quite that simple. There is still some way to go before the device’s Flash can be accessed so for now, all that is possible is to use the RAM, and the current state of play has a kernel panic as it is unable to mount a filesystem. However this is a new piece of hardware in its first few days after launch, so this is very much a work in progress. We are sure that this device will in time be opened up as a fully hackable piece of hardware, and we look forward to covering the interesting things people do with it when that has happened.

If you are interested in the NES Classic, take a look at it on Nintendo’s web site. Meanwhile, here at Hackaday as a quick look at our past stories tagged “nes” shows, we’ve covered a huge number of projects involving the platform in the past.

Thanks [Doc Oct] for the tip.

Original NES console header image: Evan-Amos [Public domain], via Wikimedia Commons.

Pi Cart: 2,400 Games In One

What’s the quickest way to turn one game into 2,400? Cram a Raspberry Pi Zero running RetroPie into an NES cartridge and call it Pi Cart.

This elegant little build requires no soldering — provided you have good cable management skills and the right parts. To this end, [Zach] remarks that finding a USB adapter — the other main component — small enough to fit inside the cartridge required tedious trial and error, so he’s helpfully linked one he assures will work. One could skip this step, but the potential for couch co-op is probably worth the effort.

Another sticking point might be Nintendo’s use of security screws; if you have the appropriate bit or screwdriver, awesome, otherwise you might have to improvise. Cutting back some of the plastic to widen the cartridge opening creates enough room to hot glue in the USB hub, a micro USB port for power, and an HDMI port in the resulting gap. If you opted to shorten the cables, fitting it all inside should be simple, but you may have to play a bit of Tetris with the layout to ensure everything fits.

Continue reading “Pi Cart: 2,400 Games In One”